Third-Party GDPR Audits – Conducting due diligence

Securing the data supply chain can be a challenge. Under the GDPR (General Data Protection Regulation), data controllers are liable not just for their own compliance, but also for that of third-party processors.

Contracts and questionnaires, while useful components of any due diligence process, are necessarily limited. Auditing third-party processors is the most effective way to ensure ongoing compliance.

Download this paper to:

  • Find out why contracts and questionnaires offer limited assurance only;
  • Understand the auditing process; and
  • Learn what to look for in a third-party audit provider.
Third-Party GDPR Audits – Conducting due diligence
top